CAS-003 · Question #509
CAS-003 Question #509: Real Exam Question with Answer & Explanation
The correct answer is B: It is not blocking or filtering any traffic to the server.. The key insight is that Ann ran iptables commands on the server (10.0.1.19) itself - not on the firewall. The subsequent port scan from her external workstation (192.168.2.45) captures packets successfully reaching the server, meaning the firewall is transparently passing all tra
Question
Exhibit
Options
- AIt is correctly dropping all packets destined for the server.
- BIt is not blocking or filtering any traffic to the server.
- CIptables needs to be restarted.
- DThe IDS functionality of the firewall is currently disabled.
Explanation
The key insight is that Ann ran iptables commands on the server (10.0.1.19) itself - not on the firewall. The subsequent port scan from her external workstation (192.168.2.45) captures packets successfully reaching the server, meaning the firewall is transparently passing all traffic through. If the firewall were functioning as a perimeter security device, it should be filtering what reaches the server; instead, traffic flows unimpeded. The iptables rules Ann configured are host-based rules on the server, which is a separate concern from the firewall's behavior.
Community Discussion
No community discussion yet for this question.